<?php
// 检查用户信息和职位数据
// 定义数据库连接常量
define("Site_Db", "localhost");
define("Site_Dbuser", "ydd");
define("Site_Dbpass", "aBs22t7d2KAZiajt");
define("Site_Dbname", "ydd");

try {
    // 创建数据库连接
    $conn = new PDO(
        'mysql:host='.Site_Db.';dbname='.Site_Dbname,
        Site_Dbuser, 
        Site_Dbpass,
        array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8")
    );
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    
    echo "数据库连接成功\n\n";
    
    // 1. 检查提供的token对应的用户信息
    $token = 'e60ea30bd0d377525f6751f5d1dc8bf49c8f678cb82d1ae0357a570ed187c336f673596b93207d039ea39ad521279fbb83af036cf97ecb925e5ac31bd24fd984c2258229a7cecd7d9f13ac003c30';
    
    echo "=== 用户信息 ===\n";
    $stmt = $conn->prepare("SELECT id, username, permission, position, company_id FROM users WHERE token = :token LIMIT 1");
    $stmt->execute([':token' => $token]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);
    
    if ($user) {
        echo "用户ID: " . $user['id'] . "\n";
        echo "用户名: " . $user['username'] . "\n";
        echo "权限: " . $user['permission'] . "\n";
        echo "职位: " . $user['position'] . "\n";
        echo "公司ID: " . ($user['company_id'] ?? 'NULL') . "\n";
        
        // 2. 检查该用户有权查看的职位
        echo "\n=== 用户有权查看的职位 ===\n";
        
        // 根据用户权限构建查询条件
        $where = "status = 1";
        $params = [];
        
        // 非超级管理员只能查看自己公司的职位
        if ($user['permission'] !== 'superadmin') {
            if ($user['company_id'] === null) {
                $where .= " AND company_id IS NULL";
            } else {
                $where .= " AND company_id = :company_id";
                $params[':company_id'] = $user['company_id'];
            }
        }
        
        // 管理员根据不同的主管职位过滤
        if ($user['permission'] === 'admin') {
            // 查找当前管理员职位的ID
            $stmt = $conn->prepare("SELECT id FROM positions WHERE name = :position");
            $stmt->execute([':position' => $user['position']]);
            $positionId = $stmt->fetchColumn();
            
            if ($positionId) {
                // 获取所有直接下属职位ID
                $subordinateIds = [];
                $stmt = $conn->prepare("SELECT id FROM positions WHERE parent_id = :positionId");
                $stmt->execute([':positionId' => $positionId]);
                while ($row = $stmt->fetchColumn()) {
                    $subordinateIds[] = $row;
                }
                
                // 查看自己的职位以及所有直接下属职位
                $where .= " AND (name = :position OR parent_id = :positionId";
                if (!empty($subordinateIds)) {
                    $subordinateIdsStr = implode(',', $subordinateIds);
                    $where .= " OR id IN ($subordinateIdsStr)";
                }
                $where .= ")";
                $params[':position'] = $user['position'];
                $params[':positionId'] = $positionId;
            } else {
                // 职位不存在，只能看到自己的职位
                $where .= " AND name = :position";
                $params[':position'] = $user['position'];
            }
        }
        // 普通用户只能看到自己的职位
        else if ($user['permission'] === 'member' && !empty($user['position'])) {
            $where .= " AND name = :position";
            $params[':position'] = $user['position'];
        }
        
        // 查询符合条件的职位
        $stmt = $conn->prepare("SELECT id, name, company_id, status, parent_id FROM positions WHERE $where");
        $stmt->execute($params);
        $positions = $stmt->fetchAll(PDO::FETCH_ASSOC);
        
        if (empty($positions)) {
            echo "没有找到符合条件的职位\n";
        } else {
            echo "找到 " . count($positions) . " 个职位:\n";
            foreach ($positions as $pos) {
                echo "- ID: " . $pos['id'] . ", 名称: " . $pos['name'] . ", 公司ID: " . ($pos['company_id'] ?? 'NULL') . ", 状态: " . $pos['status'] . ", 父ID: " . ($pos['parent_id'] ?? 'NULL') . "\n";
            }
        }
        
        // 3. 显示所有职位（用于调试）
        echo "\n=== 所有职位（调试信息） ===\n";
        $stmt = $conn->prepare("SELECT id, name, company_id, status, parent_id FROM positions");
        $stmt->execute();
        $allPositions = $stmt->fetchAll(PDO::FETCH_ASSOC);
        
        echo "数据库中共有 " . count($allPositions) . " 个职位:\n";
        foreach ($allPositions as $pos) {
            echo "- ID: " . $pos['id'] . ", 名称: " . $pos['name'] . ", 公司ID: " . ($pos['company_id'] ?? 'NULL') . ", 状态: " . $pos['status'] . ", 父ID: " . ($pos['parent_id'] ?? 'NULL') . "\n";
        }
        
    } else {
        echo "未找到匹配的用户\n";
    }
    
} catch (Exception $e) {
    echo "错误: " . $e->getMessage() . "\n";
}

$conn = null;
?>